"The most common form of request comes from police investigating robberies and other crimes, searching for missing children, trying to locate a patient with Alzheimer’s disease, or hoping to prevent a suicide," notes the company.

I have no reason to doubt that statement, and am glad that they can and do help in such cases, with properly vetted requests. But what do such cases have to do with the NSA and their types of investigations? Very little, if anything, I would think. It would be local law enforcement agencies making requests like those noted. That makes the statement a bit less relevant, a bit less exonerating, if that's what Apple was after.

"The most common form of request comes from police investigating robberies and other crimes, searching for missing children, trying to locate a patient with Alzheimer’s disease, or hoping to prevent a suicide," notes the company.

I have no reason to doubt that statement, and am glad that they can and do help in such cases, with properly vetted requests. But what do such cases have to do with the NSA and their types of investigations? Very little, if anything, I would think. It would be local law enforcement agencies making requests like those noted. That makes the statement a bit less relevant, a bit less exonerating, if that's what Apple was after.

The statement simply sets the context. All government requests for data, from all agencies, are over 9000. (please, just leave that one alone...) They're indirectly saying that the NSA aren't making very many requests. It's very likely they aren't allowed to reveal exactly how many, and this is a back door way of complying and still providing useful information. (as well as adding a bit of stealth marketing with that comment about iMessage and Facetime)

I still think it's a big assumption that just because these companies don't think their stuff is compromised, it isn't. This is the NSA we are talking about. A combination of recruiting IT business employees like intelligence assets and just plan old hacking with the power of the NSA behind you could get access to nearly everything. Look at all these stories about Chinese hackers that have been in systems for years, does anyone believe the NSA doesn't have that capability too? Frankly, assuming you have full access to the major internet routers, it wouldn't be hard to just plain text intercept tons of traffic. We all know https isn't foolproof either.

Most of our security is aimed at protecting against rogue hackers, not at keeping out someone with the resources of the NSA.

I still think it's a big assumption that just because these companies don't think their stuff is compromised, it isn't.

Snowden indirectly confirmed Apple's claim in his chat today when he said that if you have a good encryption NSA can't get through it, their only real hope was to get to weak points at the sending/receiving sides.

ARRRG! But now that you say that, the terrarists win! Next thing you will tell them is that our 320x240 black and white cameras can't REALLY enhance the picture in order to see the reflection of the shooter off of a bullet in flight!

How can apple not be able to decrypt iMessages when iCloud backups can restore them on devices. I would think the keys are included on the the backups to achieve this. A technical answer to this would be interesting.

FaceTime probably has a better chance of being secure I suppose, assuming something like random key handshake exchanges takes place

Don't believe it people, unless apple opens the source for facetime it's got the same problem as TOM Skype. Closed source means you don't know what the program is doing with your keys and with your data. And besides, couldn't the NSA just write apple one of those letters and tell them to lie about facetime being secure?

Honestly, I don't understand how people think anything on the internet is private. PGP or go home.

How can apple not be able to decrypt iMessages when iCloud backups can restore them on devices. I would think the keys are included on the the backups to achieve this. A technical answer to this would be interesting.

FaceTime probably has a better chance of being secure I suppose, assuming something like random key handshake exchanges takes place

If iCloud backups were encrypted with your iCloud password, and apple doesn't know your actual password, but only a hash, then this could be possible? Or, it may be that apples claim about iMessage only applies of you don't store device backups on iCloud.

All the comments that assume the statement is filled with lies just crack me up.

If any of these people have, you know, evidence that they are lies, please present such evidence.

It certainly sounds highly improbable that messages which can be restored via backup files are "end-to-end encrypted"

Depends on what you define as the "end", doesn't it? If the device at one "end" decrypts it and leaves it unencrypted on the device, is that end-to-end or not? Even if the device leaves it encrypted on disk, that only guards against certain attacks, the weak point is then that the Messages app can decrypt it, and you attack that instead of the raw filesystem. Either way, your backup on iCloud becomes the main risk point, depending on if Apple has the keys to that.

Of course, if the backup is the risk point, then backup locally and remove the risk. As long as sending device encrypts, and receiving device decrypts... then live intercept isn't really a problem. Backdoors on the other hand...

All the comments that assume the statement is filled with lies just crack me up.

If any of these people have, you know, evidence that they are lies, please present such evidence.

Didn't we hear about misdirected iMessages appearing on others' phones? According to the pro-Apple link I included, that can happen when a device is erroneously configured to one's Apple ID. So, either the encryption keys are derived (at the device) from the Apple IDs, and Kerckhoffs' Principle comes into play, or Apple has a stash of keys. (Or, maybe there's something I still don't understand about the process.)

All the comments that assume the statement is filled with lies just crack me up.

If any of these people have, you know, evidence that they are lies, please present such evidence.

Well obviously big companies are bad and stuff, you know? Like, they're wanting to screw people over and hurt them because... that'll sell more products?

Or maybe they're just filled with evil people, plotting the demise of their customers because... profit?

Yeah! Hate them corporations! They're so big and evil and have the money that I want and sent back my application form because they didn't like that I wrote it in crayon but the colours really made it stand out and they rejected me and I hate them hate them hate them or something ooh like a shiny thing and some stuff on TV

-- I suspect that's similar to the internal monologue of a few posters here.

How can apple not be able to decrypt iMessages when iCloud backups can restore them on devices. I would think the keys are included on the the backups to achieve this. A technical answer to this would be interesting.

FaceTime probably has a better chance of being secure I suppose, assuming something like random key handshake exchanges takes place

You're misunderstanding what message encryption is here. it only protects against attacks when said message is in transit - attacking the endpoints themselves instead of the communications protocol (which is what you're doing here) bypasses it completely.

Apple is saying iMessage is secure *in transit*, not when the message is at rest on your device/cloud backup etc.

All the comments that assume the statement is filled with lies just crack me up.

If any of these people have, you know, evidence that they are lies, please present such evidence.

Didn't we hear about misdirected iMessages appearing on others' phones? According to the pro-Apple link I included, that can happen when a device is erroneously configured to one's Apple ID. So, either the encryption keys are derived (at the device) from the Apple IDs, and Kerckhoffs' Principle comes into play, or Apple has a stash of keys. (Or, maybe there's something I still don't understand about the process.)

Since all devices with an account can receive iMessages, either there is a key distribution mechanism which communicates the private key to newly registered devices, or each device has its own key pair, and sent messages are encrypted for all receiving devices.

Either way, presumably something was done which erroneously triggered the process by which a new device is made capable of receiving iMessages. It's important to note that in these mix-up cases, possession of the problem iPhone changed.

Wasn't the DEA recently complaining about iMessage too? The messages were encrypted and Apple couldn't (or wouldn't...) decrypt them and neither could the DEA.

At this point, I presume the NSA could crack Apple's encryption. But they are going to have to REALLY want to do it. They aren't going to mass crack iMessages simply because its impractical. However, if all their other snooping crap fingers you as a "evil-dooer", expect them to have all your iMessages and whatever else you think is secure.

I would also presume Apple is being slightly dishonest here. When you send an iMessage it is probably encrypted user to user and Apple has no insight to that. However, when you back it up to iCloud they might be able to get at it. But even Apple might think that sniffing through your old iCloud back-ups is crossing a line regardless of the situation. I do not know how Apple secures your iCloud back up, so if you are super paranoid don't use it.

Could the government make them? No. Could the government offer them anything that is worth taking the risk? No.

If the US government wanted to badly enough? Of course they could force them. It may or may not require ignoring a few laws, but if the US government, for whatever reason, wanted to compel Apple badly enough? It should be pretty obvious they could.

A better question is how much would Apple have to be pushed to backdoor their own systems. Would Apple remain steadfast in opposition if they believed it'd remain secret? What about if the company itself's future was threatened (bring a multitude of lawsuits, issue warnings about their products, never bother to give FCC approval for new phones, "accidentally" lose paperwork, etc)? Or even the management of the company was personally threatened (anywhere from lawsuits to assassination)?

So in a hypothetical alternate reality? Easily. In our reality? That is, indeed, the question of the hour.

@AaronInGP Hmm, you may have something there. I only work for the top 50 companies and they pay me well. I have no complaints

So what's bugging me. The fact that the NSA is building a data storage center that's bigger than Washinton. It doesn't take hatred of big companies to figure out that they're lying - just common sense. The NSA asks all virus and security companies to include a back door so that they can get in. Computer security is non-existent here. Europe is so far ahead of us and they maintain their privacy

I attended the FBI security seminars. Basically, they said they don't know about computer security and need the companies IT people. They can build the criminal case. They can tell the IT people how to get proof. But the group I attended was quite upfront about not having the computer skills necessary

I support the FBI in protecting us. I don't support the NSA knowing every detail of my life

All the comments that assume the statement is filled with lies just crack me up.

If any of these people have, you know, evidence that they are lies, please present such evidence.

Gosh...I don't know. For proof of lies, how about the existence of PRISM and the collection of telco meta data on all internal US telephone calls despite the lies told by the head of national intelligence to a US Senator under direct questioning? The fact that this has been going on for years without us knowing about it and it was only disclosed by an NSA whistle blower? This is no longer just about traffic that goes international. It's a HUGE expansion of domestic spying. And now that we know about it, it seems incredibly naive tho just accept the word of the government and their industry partners that everything is above board and awesome. How about some proof that the government is telling the truth this time...because if they are telling the truth about this now, it is apparently the first time.

All the comments that assume the statement is filled with lies just crack me up.

If any of these people have, you know, evidence that they are lies, please present such evidence.

Gosh...I don't know. For proof of lies, how about the existence of PRISM and the collection of telco meta data on all internal US telephone calls despite the lies told by the head of national intelligence to a US Senator under direct questioning? The fact that this has been going on for years without us knowing about it and it was only disclosed by an NSA whistle blower? This is no longer just about traffic that goes international. It's a HUGE expansion of domestic spying. And now that we know about it, it seems incredibly naive tho just accept the word of the government and their industry partners that everything is above board and awesome. How about some proof that the government is telling the truth this time...because if they are telling the truth about this now, it is apparently the first time.

There's also that whole lie about how Congress had oversight, when much of them had no idea that any of this was going on.

As a matter of fact, Congress explicitly shut down this program when Bush was in office and called it Total Information Awareness.

All the comments that assume the statement is filled with lies just crack me up.

If any of these people have, you know, evidence that they are lies, please present such evidence.

Gosh...I don't know. For proof of lies, how about the existence of PRISM and the collection of telco meta data on all internal US telephone calls despite the lies told by the head of national intelligence to a US Senator under direct questioning? The fact that this has been going on for years without us knowing about it and it was only disclosed by an NSA whistle blower? This is no longer just about traffic that goes international. It's a HUGE expansion of domestic spying. And now that we know about it, it seems incredibly naive tho just accept the word of the government and their industry partners that everything is above board and awesome. How about some proof that the government is telling the truth this time...because if they are telling the truth about this now, it is apparently the first time.

So you want the government to present evidence that they are not doing something? You don't consider that a logical impossibility?

All the comments that assume the statement is filled with lies just crack me up.

If any of these people have, you know, evidence that they are lies, please present such evidence.

Didn't we hear about misdirected iMessages appearing on others' phones? According to the pro-Apple link I included, that can happen when a device is erroneously configured to one's Apple ID. So, either the encryption keys are derived (at the device) from the Apple IDs, and Kerckhoffs' Principle comes into play, or Apple has a stash of keys. (Or, maybe there's something I still don't understand about the process.)

Since all devices with an account can receive iMessages, either there is a key distribution mechanism which communicates the private key to newly registered devices, or each device has its own key pair, and sent messages are encrypted for all receiving devices.

Either way, presumably something was done which erroneously triggered the process by which a new device is made capable of receiving iMessages. It's important to note that in these mix-up cases, possession of the problem iPhone changed.

Not trying to hijack the thread; I am truly interested in this.

I wonder whether one needs physical possession of the new device, or only access to the Apple ID. If one has to physically connect old and new devices, or move a SIM card temporarily to the new device, then private keys could be exchanged that way. If no physical connection is necessary, then I think my original two guesses have to stand.

Why is the NSA collecting data on every internet user. (I assume that somewhere there is a person who doesn't use the internet). They claim that they have a 51% chance of finding aliens. Those are the same odds as flipping a coin. I suspect they made the 51% because they wanted to show something positive. However, if true, it means that about half of Americans are terrorists. I suspect that their success rate is more like 2% and that is based on other forms of intelligence gathering

Look at their record. They didn't stop 911. They haven't stopped almost anything. Even the Boston marathon wasn't stopped. If their success rate is as high as 2% as a result of combing the internet users, color me surprised. IT security people know that the NSA have been able to monitor communications for decades. They are among the best with computers. The technology was available and they didn't stop any attacks. What good are they. Their monitoring of the internet hasn't produced any stoppage of terrorist attacks. So why are they building a huge data storage center. Why do they want to monitor Americans

I still think it's a big assumption that just because these companies don't think their stuff is compromised, it isn't. This is the NSA we are talking about. A combination of recruiting IT business employees like intelligence assets and just plan old hacking with the power of the NSA behind you could get access to nearly everything. Look at all these stories about Chinese hackers that have been in systems for years, does anyone believe the NSA doesn't have that capability too? Frankly, assuming you have full access to the major internet routers, it wouldn't be hard to just plain text intercept tons of traffic. We all know https isn't foolproof either.

Most of our security is aimed at protecting against rogue hackers, not at keeping out someone with the resources of the NSA.

Wasn't the DEA recently complaining about iMessage too? The messages were encrypted and Apple couldn't (or wouldn't...) decrypt them and neither could the DEA.

At this point, I presume the NSA could crack Apple's encryption. But they are going to have to REALLY want to do it. They aren't going to mass crack iMessages simply because its impractical. However, if all their other snooping crap fingers you as a "evil-dooer", expect them to have all your iMessages and whatever else you think is secure.

I would also presume Apple is being slightly dishonest here. When you send an iMessage it is probably encrypted user to user and Apple has no insight to that. However, when you back it up to iCloud they might be able to get at it. But even Apple might think that sniffing through your old iCloud back-ups is crossing a line regardless of the situation. I do not know how Apple secures your iCloud back up, so if you are super paranoid don't use it.

Jim

I've always believed (with little evidence but the suppositions in my previous messages) that the DEA's protestations were disinformation, designed to sucker the bad guys into using iMessage.

...Didn't we hear about misdirected iMessages appearing on others' phones? According to the pro-Apple link I included, that can happen when a device is erroneously configured to one's Apple ID. So, either the encryption keys are derived (at the device) from the Apple IDs, and Kerckhoffs' Principle comes into play, or Apple has a stash of keys. (Or, maybe there's something I still don't understand about the process.)

Well we know that we never sat there and generated keys. So the keys are generated undercover, and protected via our Apple ID. This means installing or leaving your Apple ID on an iDevice results in misdirected traffic. However, I am also able to receive iMessages on both my iPhone and iPad. So whatever this key is, it exists on both devices. Or the original message got encrypted twice.

Also, I can change my Apple ID password and still read old messages. This means the key is not generated directly off of the Apple ID password.

So it would seem there is some mystery here regarding the storage of the key(s) on the iDevice.

If the Apple ID secures a public key system for each device then there can be secure end to end encryption. However, I do not understand how the key storage remains secure in the face of people changing their Apple ID. Perhaps there is a single key for the keychain and the device has access to it via a private password. The Apple ID password is then used to generate the user's access to the key. Changed Apple ID passwords create a new hash and the old one can be discarded.

If instead the key(s) are synchronized across all your devices, I guess it can be secure still if kept encrypted in transit via iCloud and some Apple ID password based encryption.